Ooook, here is another configuration example for the Cisco implementation of VXLAN using BGP EVPN for distributed control-plane operations, anycast gateway, and unicast head-end replication. I am using Cisco 9396PX devices for leaf switches and Cisco 9508 chassis switches for the spine, using iBGP. We’ll explore the basic setup with the leaf switches being vPC enabled, including the Border Leaf switches, while also going over a few scenarios which can blackhole traffic and how to avoid this without an OSPF adjacency between the leaf switches.

This blog will assume you understand the basic setup of BGP EVPN VXLAN by reading the great Cisco documentation already available; thus, I presume you’re coming here for a more in-depth, real-world deployment scenario and for some better explanations and failure scenario testing and outputs.

Below, this diagram shows the connectivity in the UNDERLAY network:

Cisco BGP EVPN UNDERLAY

You can see we have three spine switches, two configured as route reflectors for scalability. Below is the configuration of a single spine switch being used as a route reflector; the other route reflector is set up the same way, with IP addresses being different and such. The third spine switch, of course, has no iBGP peering relationships; it just runs OSPF and forms adjacencies with all VTEPs for advertisement of VTEP IP reachability.


nv overlay evpn
feature ospf
feature bgp
feature nv overlay

router ospf 1
  router-id 172.16.2.253
  log-adjacency-changes
  passive-interface default

interface Ethernet1/1
  description Leaf01-9kA
  link debounce time 0
  mtu 9216
  medium p2p
  ip address 172.16.2.1/30
  ip ospf network point-to-point
  no ip ospf passive-interface
  ip router ospf 1 area 0.0.0.0
  no shutdown

interface loopback0
  ip address 1.1.1.10/32
  ip router ospf 1 area 0.0.0.0

router bgp 65000
  router-id 1.1.1.10
  address-family ipv4 unicast
  neighbor 1.1.1.40 remote-as 65000
    description VTEP1
    password 3 SOMEPASSWORD
    update-source loopback0
    timers 3 9
    address-family ipv4 unicast
    address-family l2vpn evpn
      send-community both
      route-reflector-client
  neighbor 1.1.1.41 remote-as 65000
    description VTEP2
    password 3 SOMEPASSWORD
    update-source loopback0
    timers 3 9
    address-family l2vpn evpn
      send-community both
      route-reflector-client

The above forms the basis of the Underlay network on the spine and sets up the route-reflectors. We have tuned this for protocol convergence speed; thus, timers are aggressive for BGP and you’ll notice the “link debounce time 0”, which disables link debounce. In a nutshell, the debounce time is the amount of time a switchport waits after going down before it notifies the supervisor, 100msec by default. Disabling this allows immediate updating to the supervisor on a link failure to start protocol convergence. If you’re worried about an unstable interface, it is quite likely that in the event of a link failing/flapping issue, the link-flap detection mechanism will down the port. Finally, we set BOTH the interface medium to p2p and the OSPF network type to point-to-point. Why? In the event someone misses the command to switch OSPF to point-to-point, since this interface type is broadcast by default, the medium p2p command changes the port’s operating mode and OSPF will properly adjust to point-to-point; thus, this is just good extra redundancy.

Now, here is the overlay view, pretend this is an OVERLAY named “Tenant-01”:
VXLAN-OVERLAY

Below is the configuration:


nv overlay evpn
feature ospf
feature bgp
feature interface-vlan
feature vn-segment-vlan-based
feature lacp
feature vpc
feature nv overlay

fabric forwarding anycast-gateway-mac 0005.0005.0005
fabric forwarding dup-host-ip-addr-detection 5 180

class-map type qos match-any ONE
  match cos 1
  match dscp 26
class-map type qos match-any TWO
  match cos 2
  match dscp 16
class-map type qos match-any THREE
  match cos 3
  match dscp 48
policy-map type qos REST-YOUR-COS-FOR-UCS-FI
  class SILVER
    set cos 2
  class GOLD
    set cos 4
  class PLATINUM
    set cos 6
policy-map type qos FOR-THE-COS-IGNORANT
  class class-default
    set cos 2
    set dscp 16

spanning-tree vlan 1-3967 hello-time 4

vlan 201
  name VXLAN-VLAN01
  vn-segment 100201
vlan 202
  name VXLAN-VLAN02
  vn-segment 900202
vlan 203
  name VXLAN-VLAN03
  vn-segment 900203
vlan 2999
  name VLAN-FOR-BRIDGE-DOMAIN
  vn-segment 29999

vrf context Tenant01
  vni 29999
  rd auto
  address-family ipv4 unicast
    route-target both auto
    route-target both auto evpn
  address-family ipv6 unicast
    route-target both auto
    route-target both auto evpn

track 1 ip route 1.1.1.10/32 reachability
track 2 ip route 1.1.1.20/32 reachability
track 10 list boolean and
  object 2
  object 1
  delay up 12

event manager applet spine-down
  event track 10 state down
  action 1.0 cli vpc domain 50
  action 1.1 cli shutdown
  action 1.2 cli interface loopback0
  action 1.3 cli shutdown
  action 1.4 cli interface nve 1
  action 1.5 cli shutdown
event manager applet spine-up
  event track 10 state up
  action 1.0 cli vpc domain 50
  action 1.1 cli no shutdown
  action 1.2 cli interface loopback0
  action 1.3 cli no shutdown
  action 1.4 cli interface nve 1
  action 1.5 cli no shutdown

hardware access-list tcam region vacl 0
hardware access-list tcam region e-racl 0
hardware access-list tcam region span 0
hardware access-list tcam region redirect 256
hardware access-list tcam region rp-qos 0
hardware access-list tcam region rp-ipv6-qos 0
hardware access-list tcam region rp-mac-qos 0
hardware access-list tcam region e-ipv6-qos 256
hardware access-list tcam region e-qos-lite 256
hardware access-list tcam region arp-ether 256

vpc domain 100
  peer-switch
  role priority 8192
  system-priority 8192
  peer-keepalive destination 192.168.1.1 source 192.168.1.2 interval 500 timeout 3
  delay restore 5
  peer-gateway
  auto-recovery
  ipv6 nd synchronize
  ip arp synchronize

interface Vlan2999
  description L3-VXLAN-BD
  no shutdown
  mtu 9216
  vrf member Tenant01
  no ip redirects
  ip forward
  ipv6 forward
  no ipv6 redirects

interface Vlan201
  description NET01
  no shutdown
  mtu 9216
  no ip redirects
  management
  vrf member VXLAN
  ip address 10.0.0.1/24
  no ipv6 nd redirects
  fabric forwarding mode anycast-gateway

interface Vlan202
  description NET02
  no shutdown
  mtu 9216
  no ip redirects
  vrf member Tenant02
  ip address 10.0.1.1/24
  fabric forwarding mode anycast-gateway

interface Vlan203
  description NET03
  no shutdown
  mtu 9216
  no ip redirects
  vrf member Tenant01
  ip address 10.0.2.1/24
  fabric forwarding mode anycast-gateway

interface port-channel50
  description To Ethernet Switch B
  switchport mode trunk
  vpc peer-link

interface port-channel201
  description Fabric-Interconnect-A
  switchport mode trunk
  switchport trunk allowed vlan 201-203
  spanning-tree port type edge trunk
  mtu 9216
  service-policy type qos output REST-YOUR-COS-FOR-UCS-FI
  vpc 201

interface port-channel202
  description Fabric-Interconnect-B
  switchport mode trunk
  switchport trunk allowed vlan 201-203
  spanning-tree port type edge trunk
  mtu 9216
  service-policy type qos output REST-YOUR-COS-FOR-UCS-FI
  vpc 202

interface nve1
  no shutdown
  source-interface loopback0
  host-reachability protocol bgp
  source-interface hold-down-time 120
  member vni 29999 associate-vrf
  member vni 100201-100202
    suppress-arp
    ingress-replication protocol bgp

interface Ethernet2/1
  switchport mode trunk
  channel-group 50 mode active

interface Ethernet2/2
  switchport mode trunk
  channel-group 50 mode active

interface Ethernet2/3
  no switchport
  link debounce time 0
  medium p2p
  mtu 9216
  ip address 172.16.2.18/30
  no ipv6 redirects
  ip ospf network point-to-point
  no ip ospf passive-interface
  ip router ospf 1 area 0.0.0.0
  no shutdown

interface Ethernet2/4
  no switchport
  link debounce time 0
  medium p2p
  mtu 9216
  ip address 172.16.3.22/30
  ip ospf network point-to-point
  no ip ospf passive-interface
  ip router ospf 1 area 0.0.0.0
  no shutdown

interface loopback0
  description Loopback for NVE VTEP
  ip address 1.1.100.44/32
  ip address 1.1.1.102/32 secondary
  ip router ospf 1 area 0.0.0.0

interface loopback1
  description Loopback for BGP update-source
  ip address 1.1.1.44/32
  ip router ospf 1 area 0.0.0.0

router ospf 1
  router-id 172.16.2.18
  passive-interface default
  log-adjacency-changes

router bgp 65000
  router-id 1.1.1.44
  log-neighbor-changes
  address-family ipv4 unicast
    maximum-paths ibgp 10
  neighbor 1.1.1.10 remote-as 65000
    description spine1
    password 3 SOMEPASSWORD
    update-source loopback1
    timers 3 9
    address-family ipv4 unicast
    address-family l2vpn evpn
      send-community both
  neighbor 1.1.1.20 remote-as 65000
    description spine2
    password 3 SOMEPASSWORD
    update-source loopback1
    timers 3 9
    address-family ipv4 unicast
    address-family l2vpn evpn
      send-community both
  vrf Tenant01
    address-family ipv4 unicast
      advertise l2vpn evpn
      maximum-paths ibgp 10
    address-family ipv6 unicast
      advertise l2vpn evpn
      maximum-paths ibgp 6
evpn
  vni 100201 l2
    rd auto
    route-target import auto
    route-target export auto
  vni 100202 l2
    rd auto
    route-target import auto
    route-target export auto
  vni 100203 l2
    rd auto
    route-target import auto
    route-target export auto

ip tcp path-mtu-discovery
l2rib dup-host-mac-detection 5 180

A lot to see here, right? This is why I decided to break this into two parts, so this is part 1 and my next post is part 2 for border leafs and failure scenarios! Let’s get this initial review over with!

I will just outline all the key points here:

  • policy-map type qos REST-YOUR-COS-FOR-UCS-FI – This is for those of you who utilize the COS in Cisco UCS and want to maintain your COS value AFTER your packet is VXLAN DE-CAPSULATED. With this EVPN VXLAN configuration, the original 802.1Q header is stripped at ingress; thus, no COS value remains. Any DSCP you set at the virtual switch level is maintained throughout, so we’re assuming you’re marking DSCP at your virtual switch along with COS and you have your own unique mapping from COS to DSCP. So, you create the classes I have above (this is all for example, your mappings will/may be different) and then create a policy-map to match against the DSCP value marked from your virtual switch and set the appropriate COS value. You then set this as a QOS OUTBOUND policy on the port-channel towards your Fabric Interconnects, but you will have to adjust your TCAM entries for this to work. The other one, for the COS-IGNORANT, is for devices which aren’t smart enough to set either the DSCP or COS value; just apply this to the interface, inbound, and set your values as needed.
  • fabric forwarding anycast-gateway-mac 0005.0005.0005 – This is for the anycast gateway MAC address. You can get “funny” here, but I like to keep it simple, your choice.
  • fabric forwarding dup-host-ip-addr-detection 5 180 – I set the duplicate host IP detection to 5 moves in 180 seconds for my environment; tune to the values best suited for yours.
  • track objects and object list – I set these to look for the BGP neighbor address of the route-reflectors in the routing table and then assign each of those to the track object list for later assignment to the VPC. Part 2 will show and explain why.
  • hardware tcam entries – Follow these for success in this configuration, especially if you’re in need of using the outbound QOS service policies.
  • VPC peer-keepalive and delay-restore timers – Set to our environment and for specific reasons we’ll explain in part 2.
  • NVE source-interface hold-down – This timer is set to 120 seconds, tuned for our environment, from the default of 300 seconds. I will explain the use of this and why I use 120 seconds in part 2.
  • Loopback0 – Used ONLY for the NVE VTEP interface
  • Loopback0 secondary address – For vPC enabled VTEPs only, this is the PROXY VTEP address used
  • Loopback1 – Used ONLY for BGP source-updates
  • BGP passwords – This is used for security in the Underlay; you can also utilize OSPF authentication for extra security.

So, like Forrest Gump said to all his faithful followers “I’m pretty tired….I think I’ll go home now”. So, see you on Part 2, where the FUN is!!!

    CONTINUE TO PART 2
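
As an added example (not from the original post), the Python check below audits a leaf or spine configuration for the two underlay protections named in the key points: a password on every BGP neighbor and OSPF authentication on every non-passive OSPF interface. The sample configuration is constructed, the function names are hypothetical, and neighbors that inherit a password from a peer template are not resolved.

```python
import re

# Constructed sample (not from the post), pasted without indentation.
SAMPLE_CONFIG = """\
interface Ethernet2/3
no switchport
no ip ospf passive-interface
ip router ospf 1 area 0.0.0.0
interface Ethernet2/4
no switchport
ip ospf authentication message-digest
no ip ospf passive-interface
ip router ospf 1 area 0.0.0.0
interface loopback0
ip router ospf 1 area 0.0.0.0
router ospf 1
passive-interface default
router bgp 65000
neighbor 1.1.1.10 remote-as 65000
password 3 PLACEHOLDER
address-family l2vpn evpn
neighbor 1.1.1.20 remote-as 65000
address-family l2vpn evpn
vrf Tenant01
"""

# Lines that open a top-level stanza. Keying on keywords instead of
# indentation lets this work on configs whose indentation was lost.
TOP_LEVEL = re.compile(
    r"^(interface \S+|router (?:bgp|ospf) \S+|vrf context \S+|vlan \d+|"
    r"vpc domain \d+|policy-map |class-map |event manager |evpn$)")

def split_stanzas(text):
    """Return [(header, [body lines])] for each top-level stanza."""
    stanzas = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if TOP_LEVEL.match(line):
            stanzas.append((line, []))
        elif stanzas:
            stanzas[-1][1].append(line)
    return stanzas

def ospf_findings(stanzas):
    """Interfaces that can form OSPF adjacencies without authentication."""
    ospf = [body for header, body in stanzas if header.startswith("router ospf ")]
    passive_default = any("passive-interface default" in body for body in ospf)
    # Areas with authentication enabled under the routing process.
    auth_areas = {m.group(1) for body in ospf for l in body
                  if (m := re.match(r"area (\S+) authentication", l))}
    findings = []
    for header, body in stanzas:
        if not header.startswith("interface "):
            continue
        name = header.split()[1]
        if name.lower().startswith("loopback"):
            continue  # no adjacency is formed over a loopback
        areas = [m.group(1) for l in body
                 if (m := re.match(r"ip router ospf \S+ area (\S+)", l))]
        if not areas:
            continue  # interface is not in OSPF
        if "no ip ospf passive-interface" in body:
            passive = False
        elif "ip ospf passive-interface" in body:
            passive = True
        else:
            passive = passive_default
        authenticated = (areas[0] in auth_areas or
                         any(l.startswith("ip ospf authentication") for l in body))
        if not passive and not authenticated:
            findings.append(("ospf-no-auth", name))
    return findings

def bgp_findings(stanzas):
    """BGP neighbors configured without a password line of their own."""
    findings = []
    for header, body in stanzas:
        if not header.startswith("router bgp "):
            continue
        neighbor, has_password = None, False
        # The sentinel closes the last neighbor block in the stanza.
        for line in body + ["vrf __end__"]:
            if re.match(r"(neighbor|vrf|template) ", line):
                if neighbor and not has_password:
                    findings.append(("bgp-no-password", neighbor))
                m = re.match(r"neighbor (\S+)", line)
                neighbor, has_password = (m.group(1) if m else None), False
            elif line.startswith("password "):
                has_password = True
    return findings

def audit(text):
    stanzas = split_stanzas(text)
    return ospf_findings(stanzas) + bgp_findings(stanzas)

if __name__ == "__main__":
    for kind, where in audit(SAMPLE_CONFIG):
        print(kind, where)
```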


If you’re attempting to use SCP on your Nexus switch and you realize you’re getting slow performance, even with jumbo frames enabled on your source interface and the physical connected interface, and you’ve verified everything along the path is set to the correct jumbo MTU, you’re likely going to need to reference your system QOS settings for network-qos. By default, the standard policy-map applied under system qos references the class-default network-qos class and sets the MTU to 1500. You will need to create a new policy-map like this:

policy-map type network-qos jumbo
  class type network-qos class-default
    mtu 9216
system qos
  service-policy type network-qos jumbo

Once you have this created, the next thing you want to do is enable path-mtu-discovery:

ip tcp path-mtu-discovery

From there, you can attempt to ping your destination using a jumbo frame packet size with the df-bit set for testing. You should see it go through successfully, and you’ll notice your SCP transfers are much faster for those large BIN files for code upgrades.

The smoking gun for finding this issue is on your physical uplinks: do a show interface e#/# and you’ll notice jumbo frames sent on the TX side and incrementing input errors on the RX side, increasing in step with the number of jumbo frames sent.

This was tested on a Cisco Nexus 3172 running 7.0.3.I2.2 code.


There is an issue I have noticed with VMware systems deployed with Nexus vPC technology where traffic only makes it out of the vPC when half the vPC is disabled or the vPC is removed completely. Initially you’re thinking this is a Cisco issue and I am here to tell you that you’re wrong.

In the virtual switch port-groups and the VMNIC teaming there is a load balancing algorithm you can choose from. I have seen issues where the VMNICs are set to route based on IP hash but the port-group is set to something like route based on originating port-id.

If pinging the machine from the vPC enabled switches (if they have an SVI enabled) only gets responses on ONE of the devices, and a ping from a north end machine outside the vPC (probably your desk) only gets responses when HALF the vPC is down, you need to immediately check the hashing for the vmnics and the port-group.

Use the command: esxtop – to review what virtual machines are using what vSwitch and vmnic port to further aid in your troubleshooting.

I would highly suggest you keep it the same at both levels. There may be odd circumstances where mixing these is helpful, but you’re likely trading predictability for what may be perceived performance you’re probably not getting.


I was in a training class recently and they were speaking about ECMP and how it “converges” if a link goes down. Let me just say this: that is absolutely incorrect and is just as bad as saying “I have two class C’s”; it really doesn’t bode well with most people.

With ECMP you’re actually installing multiple routes of the same cost into the routing table and you’re going to load balance on either a per-packet or per-flow basis, with per-flow being the most preferred because of the nature of TCP operations. Which link it load balances onto is determined by the algorithm used; most use round-robin.

Please understand, ECMP doesn’t mean the links are of EQUAL bandwidth and latency, just that from a metric cost perspective they’re “equal”. When a link goes down there is absolutely no convergence taking place; the packets/flows just get routed out of one of the other available, equal-cost links. Please stop saying they’re “converging” because that makes most think there is either a dynamic computation taking place with a dynamic routing protocol or the router itself is having to install a route into the RIB from the FIB.


We know that for switches to cooperate inside each region the following must be configured the same:

  • Name – Case Sensitive
  • Revision – Any number, but should be the same
  • Instance mappings and their respective VLANs

Now, what about the VLANs themselves? What about switches and security? I looked all over for this answer and it was vague at best, and each vendor’s documentation said something a little different from the others. However, this is just my preliminary testing: I added multiple instances to my spanning-tree setup on my Cisco Catalyst 3750. My scenario was as follows, along with the outputs:

  1. Two instances
  2. Instance 1 had all the real VLANs that were actual VLANs on the switch
  3. Instance 2 had 2 VLANs mapped
    • The first test of MIST2 was with both VLANs not being defined on the switch
    • The second test of MIST2 was with one VLAN defined and the other not
    • The third test of MIST2 was with both the VLANs defined

MST instances themselves do not communicate the actual VLANs or VLAN mappings, and IST/CIST does not communicate the VLAN-to-instance mapping either. Instead, we rely on IST0 to transmit the BPDUs that contain our information: name, revision, and the configuration digest (checksum/hash). The digest is the value each switch calculates to determine whether the switches are operating in the exact same region or in different regions. The digest/hash/checksum is calculated based on parameters present in the MST configuration table. Want to know more about the hashing? Here is a link: 802.1s explained.

The information is long and boring, but do a search for “digest” and you’ll find yourself deep into figuring out how this all works. The test results are soon to come, I am working on both Catalyst and Nexus outputs to benefit not just enterprise and branch, but for those in the data center who’re having to work in vPC hybrid environments with STP attached devices. More to come…
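
As an added example (not part of the original post), the Python below computes the MST Configuration Digest the way 802.1s defines it: HMAC-MD5, with a fixed key from the standard, over a 4096-entry table holding the instance number for each VLAN ID. Whether a VLAN has actually been created on the switch is not an input to that table; the switch definitions and function names here are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Fixed signature key the standard defines for the Configuration Digest.
MST_DIGEST_KEY = bytes.fromhex("13AC06A62E47FD51F95D2BA243CD0346")

def mst_config_digest(instance_vlans):
    """Digest for a mapping {instance: iterable of VLAN IDs}.

    VLANs not listed stay in instance 0 (the IST). Nothing here records
    whether a VLAN exists on the switch; only the mapping is hashed.
    """
    table = [0] * 4096  # index = VLAN ID; entries 0 and 4095 always stay 0
    for instance, vlans in instance_vlans.items():
        if not 0 <= instance <= 4094:
            raise ValueError(f"invalid MST instance {instance}")
        for vid in vlans:
            if not 1 <= vid <= 4094:
                raise ValueError(f"invalid VLAN ID {vid}")
            table[vid] = instance
    packed = struct.pack(">4096H", *table)  # two octets per entry, big-endian
    return hmac.new(MST_DIGEST_KEY, packed, hashlib.md5).hexdigest().upper()

def region_id(name, revision, instance_vlans):
    """The values two bridges compare to decide region membership."""
    return (name.encode("ascii"), revision, mst_config_digest(instance_vlans))

def same_region(a, b):
    return region_id(**a) == region_id(**b)

# Constructed switches: instance 1 carries VLANs 10-12, instance 2 carries
# VLANs 500-501 (think of 500/501 as mapped but never created).
SWITCH_A = {"name": "LAB", "revision": 1,
            "instance_vlans": {1: range(10, 13), 2: [500, 501]}}
SWITCH_B = {"name": "LAB", "revision": 1,
            "instance_vlans": {1: [12, 11, 10], 2: [501, 500]}}
SWITCH_C = {"name": "LAB", "revision": 1,          # VLAN 501 moved to instance 1
            "instance_vlans": {1: [10, 11, 12, 501], 2: [500]}}
SWITCH_D = {"name": "lab", "revision": 1,          # name differs only in case
            "instance_vlans": {1: range(10, 13), 2: [500, 501]}}

if __name__ == "__main__":
    print("default digest:", mst_config_digest({}))
    print("A vs B same region:", same_region(SWITCH_A, SWITCH_B))
    print("A vs C same region:", same_region(SWITCH_A, SWITCH_C))
    print("A vs D same region:", same_region(SWITCH_A, SWITCH_D))
```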


So, most of you probably got here because you’re probably on your CCIE track and you’re hearing a ton about the 32-bit words in the IPv4 headers and looking for an answer to the topic. It is without question that most may never know exactly what they’re talking about when they say “word” and this can lead to some confusion. First, the definition of a word from Wikipedia is:

“A word is basically a fixed-sized group of digits (binary or decimal) that are handled as a unit by the instruction set or the hardware of the processor. The number of digits in a word (the word size, word width, or word length) is an important characteristic of any specific processor design or computer architecture.”

Essentially, this means each 32 bits, 32 different positions where the values can be 0 or 1 in binary, is a “WORD”. Thus, when they’re referencing the IPv4 header length in a packet capture, you’ll see the size of the header. That header size is calculated by looking at the raw header, generally the next position after the Type, and you’ll find a hexadecimal value, let’s say D, which is 13. Thus, you have 13 different 32-bit words.

Now, 13*32=416. Take the 416/8=52 bytes in the IPv4 header. Why 8? There are 8 bits in each byte. So, the next time you hear someone mention there are X number of 32-bit words in an IPv4 header, you now have some idea of what they’re talking about.


Provided you’re either 1. using the hostname of the device or 2. positive it will receive the same IP (if you’re using an IP address to connect over RDP to a machine that obtains its IP parameters using DHCP):

ipconfig /release && ipconfig /renew

As simple as that. In fact, you can use the same operation “&&” on a Linux box with a BASH shell using whatever interface configuration commands you’re using, if you don’t have a script which already does it for you.


Confused about getting QoS working on your Nexus 9300 platform (I worked with the 9396PX)? Well, if you’re coming from the Nexus 5500 platforms you’re in for a little tweaking to get this working as some things are different. I will quickly outline them and move onto some sample configuration:

  • MTU is set on an interface level
  • System defined queuing class-maps
  • egress queues (0 is default and 1-3 which are already pre-mapped using the above mentioned class-maps)
  • Both access and trunk ports, by default, treat all traffic as if it had CoS 0, moving it into the default queue
  • QOS ingress service-policy must be applied to ports or port-channels to classify traffic

Here is some basic configuration for setting the QOS policy to classify:

class-map type qos match-all RUBY
  match cos 4
class-map type qos match-all EMERALD
  match cos 2
class-map type qos match-all DIAMOND
  match cos 6

policy-map type qos QOS_POLICY
  class RUBY
    set qos-group 2
  class EMERALD
    set qos-group 1
  class DIAMOND
    set qos-group 3

interface port-channel20
  switchport mode trunk
  switchport trunk allowed vlan all
  spanning-tree port type edge trunk
  mtu 9216
  service-policy type qos input QOS_POLICY

Now, let’s view the system defined queuing class-maps so you can get an idea of this:

class-map type queuing match-any c-out-q3
  Description: Classifier for Egress queue 3
  match qos-group 3
class-map type queuing match-any c-out-q2
  Description: Classifier for Egress queue 2
  match qos-group 2
class-map type queuing match-any c-out-q1
  Description: Classifier for Egress queue 1
  match qos-group 1
class-map type queuing match-any c-out-q-default
  Description: Classifier for Egress default queue
  match qos-group 0

Finally, let’s assign some bandwidth allocation around those queues:

policy-map type queuing QUEUING_POLICY
  class type queuing c-out-q1
    bandwidth percent 10
  class type queuing c-out-q2
    bandwidth percent 15
  class type queuing c-out-q3
    bandwidth percent 25
  class type queuing c-out-q-default
    bandwidth percent 50

Now, we apply this QUEUING policy to the system-qos:

system qos
  service-policy type queuing output QUEUING_POLICY

I’ll update this more and more as I encounter more QoS with the 9300 platform.


This is an oldie, but goodie:

I only wish there was a link to explain more things in detail as there are a lot of people who don’t understand SNMP to the max. None-the-less, a great starting point, regardless of manufacturer, the beauty of standard protocols!


 

  • It isn’t your fault you were born into this mess.
    • As a child, you are the victim of your parent’s inability to provide a better means of living, you had no choice in who you were going to be born to, it is just unfortunate you weren’t dealt a better hand. However, God gave us all a shot at this life, learn to play the hand you have until you’re able to ask for new cards.
  • Kids will be cruel because you’re poor.
    • Just remember rule #1, it isn’t your fault you don’t have new clothes or you’re wearing last year’s clothing; however, children will be cruel because their parents have money (a key thing to take notice on). Just remember this, a lot of the kids I went to school with, who picked on me because of my unfortunate circumstance, aren’t doing so well today.
  • Education is important, no matter what.
    • I am a high school drop out, plain and simple. I was set to fail in this life because I gave up and didn’t see education as an important resource to survive in life, I felt I could make it without it. I also needed to work to help pay bills and eat; however, that intention got shot to hell (and it will for you too because you’re too young to make these kinds of decisions). High school is a critical point in your life, you’ll get to experience many things which will never come your way again. I hear people talk about their high school experiences, from the everyday goofy, prom, football games, and graduation…these are things I never got to experience and, just like me, you’ll feel left out of the conversation. Stay in school, no matter what.
  • When you’re old enough to make choices to impact your future, you’re no longer the victim.
    • I stand by lesson #1 because children are innocent; however, when you’re grown enough to make a decision for yourself, you are no longer the victim, suck it up and start asking yourself “Ask not what can society do for me, but what I can do for society”. This simple quote is powerful, what can you do for others to show you’re destined for greatness? No one likes someone who pulls the victim story, people love success stories about someone pulling themselves up by their own bootstraps. You have a choice, the happy ending success story or the never ending sad song of playing the victim. When I tell my story, I tell a success story, one born into poverty, the troubles I faced and how I made it to where I am, never once blaming anyone besides myself for my dumb decisions, instead, I talk about the lessons I learned.
  • Quit blaming others for everything.
    • You can now make your own choices which can have immediate and long term impact on your life; however, there are things which either you have no immediate or long term control over; however, this gives you absolutely no right to blame others. There is no “man” with his foot on your neck, no one gives a damn about the color of your skin any longer, people care about your attitude and how you handle yourself, you will be judged by this. I grew up in the ghetto of West Palm Beach, Florida and was treated the same by “outsiders” who only saw where I came from, they didn’t care that I was white, I was to be avoided because I was on the wrong side of the tracks because I acted like it, plain and simple. When I carried myself like a respectable human being, spoke clear English, and treated others the way I wanted to be treated, no one realized I was from the ghetto.
  • Respect everyone, even if you absolutely hate them.
    • Having spent time in a juvenile program which based itself on basic military principles, I learned the hard way I can hate a person so much I wouldn’t piss on them if they caught fire, but I still had to not only give them respect, but learn to function as one dysfunctional team. You’re not going to like everyone in this world and they’re not going to like you; however, you must treat them with respect and if you have to work with them, learn to work with them in a way that you function as one well designed machine. In life, you’re not going to choose who you work with and sometimes you’re going to wish they get run over by a bus; however, you must learn to work with them during the times you need to, after that, you can pretend they don’t exist. People are going to recognize quickly if you’re disrespecting them or choosing not to work with them, this is selfish and childish. If the other person is behaving like a child, take the high road. It isn’t a good trait to throw people under the bus or “show them out”, a lot can be said of someone who’ll stand up for someone when they’re being kicked and already down, intelligent people will notice this trait, idiots will cheer for the opposite, decide who you want on your side?
  • No one is going to throw a parade for doing your job.
    • Don’t be a show boat, every respectable adult hates this. Getting a paycheck and advancing in your career is reward enough. In the business world there simply isn’t time to pat everyone on their back each time they do their job. Be thankful for the job you have now, do it to the best of your ability, even if the job isn’t your “destination job”, see point #8.
  • Do your best at everything, no matter what the circumstance.
    • This trait will show, even while working for minimum wage, you gave it all you had. I worked at various minimum wage jobs early in life and I gave them all I had, knowing these jobs were not what I would be doing forever, the job was not below me. If you say the job is below you, you’re insulting the people who have to work these jobs to survive and feed their families. My mother worked at McDonalds for not much more than minimum wage to give us a roof and food in our stomachs, if she could have done better, she would have in a heartbeat, but she was doing all she could do. There are some people who, if they could, would find better jobs and there are some people who don’t care to do any better and prefer to just “get by”, by choice (likely the victim and/or the leeching kind who only do the minimum to get by in life by choice). The former person you have to respect, because they’re doing all they can do in a shitty situation, the latter person, while still deserving of respect, you should have no sympathy for.
  • Focus on your future and yourself
    • I only had a GED and wasn’t in college, I didn’t have the luxury of living on campus getting free meals, I had to work to survive and plan my future through hard work and self-study. Thus, I had little to no time for weekly clubbing, parties, and other excursions. I made one major mistake, I settled down with a woman far too early in life, which distracted me from doing better than what I could do now. Friends are invaluable, but do not fall into their lifestyle choices by following them into the clubs each weekend spending copious amounts of money and time into something which does not benefit you. Learn to budget your money and spend wisely, this trait will follow you the rest of your life, even when you’re making $100,000/year. Focus on how to get out of poverty, focus on what it is you want for a career to reach the former goal. Learn to spend your free time studying and internships in the discipline you want to pursue. I worked various engineering companies before I realized I didn’t want to be a mechanical engineer; however, when I landed some time in an IT department, I was hooked and knew IT was to be my career. While it seemed fun to go out to the clubs each weekend, I knew there was more to life than living weekend-to-weekend, paycheck-to-paycheck; thus, I kept my eye on the prize on the horizon and kept accelerating until I got there, one minor goal at-a-time until I reached the end. As an example, only one guy I knew from the days of clubbing each weekend is doing well, everyone else is back to living paycheck-to-paycheck, weekend-to-weekend…except now they’re the creepy old guy in the club.
  • When you’ve made it, find someone with just as much to gain and lose to marry
    • Once you’ve accomplished pulling yourself out of poverty, landed in your career, and have a stable life, it is ok to find someone to spend your life with. But take it from me, you will want to find someone with similar goals and has as much or more to lose than you do. Never settle on a person, no matter how lonely you are, never settle. Once you’ve become the person you want to be you’ll learn to associate yourself with the successful type of person you desire. Just remember, you have to ask yourself, I want them, but will that type of person want me? This is why you have to look for someone with just as much or more to lose than you do, because someone with nothing to lose and everything to gain will be easy to find and they’ll do whatever they can do to sink their claws in you. My ex-wife was exactly like this and this cost me a lot of pain and suffering, not to mention major monetary losses because she was at rock bottom in life and I was on the rise, she just wanted a free ride. There are plenty of women like Carolyn out there, be aware of them and leave them alone, they’re not even worthy of a one night stand, you’ll never turn a trick into a treat. However, my current wife and I met at a key point in our lives, both on the rise in our careers and looking to accelerate as fast as possible. We both knew we needed to take risks and with each of us having exactly the same and more to gain or lose, we took the leap of faith and took the risks and we are pleasantly rewarded. You should evaluate our situation with the same amount of observation, learn from others’ failed endeavors, try not to repeat them and life will be that much easier.

In all of this, thank God for the believers who take the chance on you when you’re up-and-coming in life, they’re the ones who really did believe you.